Nancy Winnick Cluts
Developer Technology Engineer
Microsoft Corporation
June 3, 1997
Updated June 17, 1997
The following article was originally published in MSDN online Magazine.
I've always theorized that the easiest way to deal with bad news (i.e., news that means you are going to have to redo something) is to face it head on. So, I remind you that it isn't nice to kill the bearer of bad news. And there's good news, too: You'll only have to redo this particular something once.
Okay, here goes: The Authenticode digital signatures, created with certificates of authentication that you received from VeriSign, will no longer verify properly using released versions of Internet Explorer 3.x after June 30, 1997. This is because the Certificate Authority (CA) root certificates recognized by those 3.x versions of Internet Explorer will expire as of that date. Once this happens, Internet Explorer will treat code signed with these certificates as unsigned code. For your code to work properly, you will need to re-sign it, using new code-signing tools released with Authenticode 2.0.
Authenticode is a technology based on industry standards that provides a method for developers to digitally sign their code (.EXE, .CAB, .OCX, and .CLASS files). When code is signed, the company signing the code vouches that the code is safe and free of viruses, and takes responsibility for the code. Signing code does not alter it. The tools used to sign code generate a digital signature string you can bundle with the code. This digital signature is created using two keys: one public and one private. The public key can be known to anyone, but the private key is known only to the owner. This design allows for the use of one key for encryption and another for decryption. The private key generates the digital signature and the corresponding public key validates the signature. If you want more detailed information about Authenticode and how code-signing works, see the Authenticode page on the Security Advisor Web site.
In order to digitally sign code, you must obtain a certificate from a CA (such as VeriSign). CAs are trusted persons or organizations that verify a person's identity and then issue certificates. Each certificate issued is ultimately linked to the certificate of the CA that signed it. There are multiple root certificates, with each CA linked to a root. Each certificate verified by a CA is linked through the CA's certificate down to the root certificate.
As of June 30, 1997, the Authenticode CA root certificates built into earlier versions of Internet Explorer will expire. As a result, all certificates down the hierarchy will also be affected. Since your certificates are linked to a CA's certificate, your certificates will also expire as of that date.
Previous versions of Authenticode supported the expiration of certificates of authentication but did not incorporate a verifiable signature timestamp. As a result, once a certificate expires, it is impossible to determine if the code was signed during the valid period of the certificate. This means that Internet Explorer will be unable to verify Authenticode signatures after the CA root certificate expiration date.
Authenticode 2.0 provides a solution by renewing all CA root certificates and ensuring their continued validity for the full lifetime defined by the CA. It also incorporates timestamping support into its signing and verification tools. VeriSign will support a verifiable timestamping service for code signing. Authenticode 2.0 will do away with the previous "short lived" (pre-installed CA) certificates, and will instead support an infrastructure for a Certificate Revocation List to be used in future versions of Internet Explorer. It is important to note that versions of Internet Explorer up to version 3.02 will not recognize timestamped signatures, so you will need to update your version of Internet Explorer 3.02 with Authenticode 2.0 for this fix to work (see the list at left above).
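The difference a verifiable timestamp makes can be shown with a simplified model of the validity-window check. This is an added example, not Microsoft's verification code: it performs no cryptography or revocation checking, and the names `Cert`, `Signature`, `verify` and every date except the June 30, 1997 expiry are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date
from typing import List, Optional


@dataclass
class Cert:
    subject: str
    not_before: date
    not_after: date

    def valid_on(self, day: date) -> bool:
        return self.not_before <= day <= self.not_after


@dataclass
class Signature:
    chain: List[Cert]                 # publisher first, root last
    timestamp: Optional[date] = None  # verifiable signing time, if present


def verify(sig: Signature, today: date, honors_timestamps: bool) -> str:
    """Return 'signed' or 'unsigned' for a simplified validity-window check."""
    # Without timestamp support the verifier can only ask whether every
    # certificate in the chain is valid at the moment of verification.
    check_day = today
    if honors_timestamps and sig.timestamp is not None:
        # With a verifiable timestamp the question becomes whether every
        # certificate was valid on the day the code was signed.
        check_day = sig.timestamp
    expired = [c.subject for c in sig.chain if not c.valid_on(check_day)]
    return "unsigned" if expired else "signed"


# Constructed sample chain: only the 30 June 1997 expiry comes from the article.
EXPIRY = date(1997, 6, 30)
CHAIN = [
    Cert("Example Publisher", date(1996, 9, 1), EXPIRY),
    Cert("Example CA", date(1996, 1, 1), EXPIRY),
    Cert("Example Root", date(1996, 1, 1), EXPIRY),
]
PLAIN = Signature(CHAIN)
STAMPED = Signature(CHAIN, timestamp=date(1997, 6, 15))

if __name__ == "__main__":
    after = date(1997, 7, 1)
    print(verify(PLAIN, after, honors_timestamps=False))    # no timestamp
    print(verify(STAMPED, after, honors_timestamps=False))  # timestamp ignored
    print(verify(STAMPED, after, honors_timestamps=True))   # timestamp honored
```

The middle case corresponds to a browser that does not recognize timestamped signatures: the timestamp is present but has no effect on the result.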
The whole point of providing Authenticode technology is to keep your code as secure as possible while making it easy to download code (we don't want to make anyone jump through too many hoops). By using Authenticode, you are telling your customers that you stand behind your code. If you have questions about Authenticode 2.0, please direct them to Authenticode@LISTSERV.MSN.COM.
Developer-technology writer Nancy Winnick Cluts was born in a trunk in the Princess Theater in Pocatello, Idaho. That dusty old trunk had a C++ programming manual in it. The rest is history.
There are four things (count 'em, four) developers need to re-sign their code. All of them can be downloaded:
For technical how-to questions, check in with the Web Men Talking, MSDN online's answer pair.